CSE331: Introduction to Networks and Security Lecture 8

advertisement
CSE331:
Introduction to Networks
and Security
Lecture 8
Fall 2002
Announcements
• HW1 is graded
– Pick up after class
– Mean = 81
CSE331 Fall 2002
2
Recap
• Spanning tree algorithms
– Finds routing information for bridges
– Doesn’t scale to Internet size networks
• Internet Protocol (IPv4)
– Packet format
– Packet fragmentation
CSE331 Fall 2002
3
Today
• IP Addressing
• Subnetting
• DNS (Domain Name System)
CSE331 Fall 2002
4
IP addresses
• Hierarchical, not flat as in Ethernet
0
7
24
Network
Host
1 0
14
16
Network
Host
21
1 1 0
A
B
8
Network
Host
C
• Written as four decimal numbers separated
by dots: 158.130.14.2
CSE331 Fall 2002
5
Network Classes
Class # of nets
A
126
# of hosts
per net
~16 million
B
8192
65534
C
~2 million 254
CSE331 Fall 2002
6
IP Datagram Delivery
• Every IP packet (datagram) contains the
destination IP address
• The network part of the address uniquely
identifies a single network that is part of the
larger Internet.
• All hosts and routers that share the same
network part of their address are connected
to the same physical network.
• Routers can exchange packets on any
network they’re attached to.
CSE331 Fall 2002
7
IP Forwarding algorithm
• If (Network # dest == Network # interface)
then deliver to destination over interface
• else if (Network # dest in forwarding table)
deliver packet to NextHop router
• else deliver packet to default router
• Forwarding tables
– Contain (Network #, NextHop) pairs
– Additional information
– Built by routing protocol
CSE331 Fall 2002
8
Question:
• How does the hierarchical address scheme
improve scalability?
CSE331 Fall 2002
9
ARP - Address Resolution Protocol
• Problem:
– Need mapping between IP and link layer addresses.
• Solution: ARP
– Every host maintains IP–Link layer mapping table
(cache)
– Timeout associated with cached info (15 min.)
• Sender
– Broadcasts “Who is IP addr X?”
– Broadcast message includes sender’s IP & Link Layer
address
• Receivers
– Any host with sender in cache “refreshes” time-out
– Host with IP address X replies “IP X is Link Layer Y”
– Target host adds sender (if not already in cache)
CSE331 Fall 2002
10
ICMP: Internet Control Message Protocol
• Collection of error & control messages
• Sent back to the source when Router or Host
cannot process packet correctly
• Error Examples:
–
–
–
–
Destination host unreachable
Reassembly process failed
TTL reached 0
IP Header Checksum failed
• Control Example:
– Redirect – tells source about a better route
CSE331 Fall 2002
11
Scaling Problems
• Not enough network numbers.
– Class C network with 2 nodes wastes 253 IP
addresses
– Class B network with ~300 nodes wastes 64,000
IP addresses
– Only 214 ~ 16,500 class B networks
• Routing information too cumbersome.
– More networks means larger routing tables
CSE331 Fall 2002
12
http://www.cheswick.com/map/index.html
Subnetting
• Idea: One IP network number allocated to
several physical networks.
– The multiple physical networks are called subnets
– Should be close together (why?)
– Useful when a large company (or university!) has
many physical networks.
CSE331 Fall 2002
14
Subnet Numbers
• Solution: Subnetting
– All nodes are configured with subnet mask
– Allows definition of a subnet number
• All hosts on a physical subnetwork share the same
subnet number
Subnet Mask (255.255.255.0)
111111111111111111111111
00000000
Subnetted Address:
Network number
Subnet ID
CSE331 Fall 2002
Host ID
15
Example of Subnetting
Subnet mask: 255.255.255.128
Subnet #: 128.96.34.0
H1
128.96.34.15
128.96.34.1
R1
128.96.34.130
Subnet mask: 255.255.255.128
Subnet #: 128.96.34.128
128.96.34.129
R1
H2
128.96.34.139
128.96.33.1
Subnet mask: 255.255.255.0
H3
Subnet #: 128.96.33.0
128.96.33.14
CSE331 Fall 2002
16
Subnets, continued
• Mask is bitwise-ANDed with address
• This is done at routers
• Router tables in this model:
– <Subnet #, Subnet Mask, NextHop>
• Subnetting allows a set of physical networks
to look like a single logical network from
elsewhere
CSE331 Fall 2002
17
Forwarding Algorithm
D = destination IP address
for each forwarding table entry
(SubnetNumber, SubnetMask, NextHop)
D1 = SubnetMask & D
if D1 = SubnetNumber
if NextHop is an interface
deliver datagram directly to destination
else
deliver datagram to NextHop (router)
CSE331 Fall 2002
18
Domain Name System
• System for mapping mnemonic names for
computers into IP addresses.
zeta.cis.upenn.edu
• Domain Hierarchy
• Name Servers
• Name Resolution
CSE331 Fall 2002
158.130.12.244
19
Domain Name Hierarchy
edu
com
cornell … upenn
cis
seas
gov
cisco…yahoo
nasa … nsf
mil
org
net
arpa … navy …
wharton …
CSE331 Fall 2002
20
Hierarchy of Name Servers
Root
Name Server
Cornell
Name Server
…
Upenn
Name Server
CIS
Name Server
CSE331 Fall 2002
SEAS
Name Server
Wharton
Name Server
21
Records on Name Servers
• < Name, Value, Type, Class >
• Types
–
–
–
–
A Host to address mappings
NS Name server address mappings
CNAME Aliases
MX Mail server mappings
• Class IN for IP addresses
CSE331 Fall 2002
22
Name resolution
Root
Name
server
zeta.cis.upenn.edu
client
198.168.0.100
Local
Name
server
zeta.cis.upenn.edu
198.168.0.1
Upenn
Name
server
CIS
Name
server
CSE331 Fall 2002
23
Download